Interruption: An attack on availability
Interception: An attack on confidentiality
Modification: An attack on integrity
Fabrication: An attack on authenticity
Computer System Security/Attacks
Attacks(Cont’d …)
[Figure: Source, Attack; panels: Interruption, Interception, Modification, Fabrication]
Attacks(Cont’d …)
Brute force attack: trying every possible combination.
Dictionary attack: selects specific accounts to attack and uses
commonly used passwords (i.e., the dictionary) to guide
guesses.
Denial-of-service (DoS): attacker sends a large number of
connection or information requests to a target
Target system cannot handle them successfully along with other,
legitimate service requests
May result in a system crash or inability to perform ordinary
functions
Distributed denial-of-service (DDoS): coordinated from many
locations simultaneously
Attacks(Cont’d …)
IP Spoofing attack: technique used to gain unauthorized
access; intruder assumes a trusted IP address.
Attacks(Cont’d …)
Man-in-the-middle attack: attacker monitors network packets,
modifies them, and inserts them back into network.
Attacks(Cont’d …)
Masquerade: it takes place when one entity pretends to be a
different entity.
For example: authentication sequences can be captured and
2. Passive attacks
Passive attacks are in the nature of eavesdropping on, or
transmitted.
Types of Attacks(Cont’d …)
Threats to information security
systems or information
Deliberate acts of theft -- Illegal confiscation of information
Malicious Threats(Cont’d…)
E.g.: Masquerade
Intrusion Techniques:
Techniques for guessing passwords:
• Try default passwords.
• Try all short words, 1 to 3 characters long.
• Try all the words in an electronic dictionary (60,000).
• Collect information about the user’s hobbies, family names,
birthday, etc.
• Try user’s phone number, social security number, street
address, etc.
Intrusion Detection(Cont’d …)
Intrusion Detection:
The intruder can be identified and ejected from the system.
Effective intrusion detection can prevent intrusions.
Intrusion detection enables the collection of information about
intrusion techniques that can be used to strengthen the
intrusion prevention facility.
Statistical anomaly detection:
Threshold detection
Profile based
Signature detection:
Rule-based Anomaly detection
Rule-based Penetration identification
Intrusion Detection(Cont’d …)
Anomaly Detection:
1. Threshold detection :
checks excessive event occurrences over time
on its own, a crude and ineffective intruder detector
must determine both thresholds and time intervals
2. Profile based :
characterize past behavior of users / groups
then detect significant deviations
based on analysis of audit records
gather metrics: counter, gauge, interval timer, resource utilization
analyze: mean and standard deviation, multivariate,
Markov process, time series, operational model
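Added example (not part of the original slides): the two anomaly-detection approaches above, run over constructed audit records. Threshold detection counts one event type per time window; profile-based detection compares a counter metric with the mean and standard deviation of each user's own history. The names `AUDIT`, `HISTORY`, `threshold_alerts` and `profile_deviation`, and the limits used, are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import mean, stdev

# Constructed audit records (user, minute, event); not data from the slides.
AUDIT = (
    [("alice", m, "login_fail") for m in (1, 30, 95)]
    + [("bob", m, "login_fail") for m in (200, 200, 201, 201, 202, 202, 203)]
    + [("carol", m, "login_fail") for m in (10, 11, 400, 401, 402)]
)
# Constructed per-user profile: files read per session in past sessions.
HISTORY = {
    "alice": [12, 15, 11, 14, 13, 12, 16],
    "bob": [40, 38, 45, 42, 39, 41, 44],
}

def threshold_alerts(records, event, limit, window):
    """Threshold detection: users with more than `limit` occurrences
    of `event` inside any span of `window` minutes."""
    times = defaultdict(list)
    for user, minute, ev in records:
        if ev == event:
            times[user].append(minute)
    alerts = set()
    for user, ts in times.items():
        ts.sort()
        start = 0
        for end in range(len(ts)):
            while ts[end] - ts[start] >= window:  # slide window forward
                start += 1
            if end - start + 1 > limit:
                alerts.add(user)
                break
    return alerts

def profile_deviation(history, observed, k=3.0):
    """Profile-based detection: flag a value more than `k` standard
    deviations from the mean of that user's own past behavior."""
    flagged = {}
    for user, value in observed.items():
        past = history.get(user, [])
        if len(past) < 2:  # no usable profile yet, cannot judge
            continue
        mu, sigma = mean(past), stdev(past)
        if sigma == 0:
            z = 0.0 if value == mu else float("inf")
        else:
            z = (value - mu) / sigma
        if abs(z) > k:
            flagged[user] = round(z, 2)
    return flagged
```

Calling `profile_deviation(HISTORY, {"alice": 45, "bob": 45})` flags only alice: the same value is far outside her history and ordinary for bob, which a single fixed threshold cannot express.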
Intrusion Detection(Cont’d …)
Signature Detection:
Observes events on the system and applies a set of
rules to decide if an intruder is attacking.
Based on two approaches:
1. Rule-based anomaly detection
analyze historical audit records for expected behavior, then
match with current behavior
2. Rule-based penetration identification
rules identify known penetrations / weaknesses
often by analyzing attack scripts from Internet
supplemented with rules from security experts
Social Engineering
Social Engineering:
It is the process of using social skills to convince people to
reveal access credentials or other valuable information to the
attacker.
An attacker gets more information by calling others in the
company and asserting his/her authority by mentioning the chief’s
name.
Attackers are conducting social engineering attacks via smart
phones and tablet PCs to gather personal data from
unsuspecting users.
When those same devices are used to access the corporate
network and its resources, the corporation is at risk.
Social Engineering(Cont’d …)